E-commerce chapter 5


38) Vishing attacks exploit SMS messages.

false

68) What is the first step in developing an e-commerce security plan? 1. A) Create a security organization. 2. B) Develop a security policy. 3. C) Perform a risk assessment. 4. D) Perform a security audit.

C

32) A worm does not need to be activated by a user for it to replicate itself.

TRUE

33) A Trojan horse appears to be benign, but then does something other than expected.

TRUE

35) CryptoLocker is an example of ransomware.

TRUE

2) ________ refers to the ability to ensure that e-commerce participants do not deny their online actions. 1. A) Nonrepudiation 2. B) Authenticity 3. C) Availability 4. D) Integrity

A

48) All of the following statements about public key cryptography are true except: 1. A) public key cryptography uses two mathematically related digital keys. 2. B) public key cryptography ensures authentication of the sender. 3. C) public key cryptography does not ensure message integrity. 4. D) public key cryptography is based on the idea of irreversible mathematical functions.

B

19) In 2016, Yahoo revealed that it had experienced which of the following? 1. A) a high-profile data breach 2. B) a DDoS attack that shut down its website 3. C) a hacktivist attack to protest its employment policies 4. D) a browser parasite

A

51) A digital certificate contains all of the following except the: 1. A) subject's private key. 2. B) subject's public key. 3. C) digital signature of the certification authority. 4. D) digital certificate serial number.

A

60) Which of the following statements is not true? 1. A) Apple's Touch ID stores a user's actual fingerprint. 2. B) Biometric devices reduce the opportunity for spoofing. 3. C) A retina scan is an example of a biometric device. 4. D) Biometric data stored on an iPhone is encrypted.

A

27) Which of the following was designed to cripple Iranian nuclear centrifuges? 1. A) Stuxnet 2. B) Flame 3. C) Snake 4. D) Storm

A

1) Confidentiality is sometimes confused with: 1. A) privacy. 2. B) authenticity. 3. C) integrity. 4. D) nonrepudiation.

B

37) Exploit kits are often rented or sold as a commercial product.

true

14) Accessing data without authorization on Dropbox is an example of which of the following? 1. A) social network security issue 2. B) cloud security issue 3. C) mobile platform security issue 4. D) sniffing

B

20) What is the most frequent cause of stolen credit cards and card information today? 1. A) lost cards 2. B) the hacking and looting of corporate servers storing credit card information 3. C) sniffing programs 4. D) phishing attacks

B

3) ________ refers to the ability to identify the person or entity with whom you are dealing on the Internet. 1. A) Nonrepudiation 2. B) Authenticity 3. C) Availability 4. D) Integrity

B

25) Malware that comes with a downloaded file requested by a user is called a: 1. A) Trojan horse. 2. B) backdoor. 3. C) drive-by download. 4. D) PUP.

C

5) ________ refers to the ability to ensure that an e-commerce site continues to function as intended. 1. A) Nonrepudiation 2. B) Authenticity 3. C) Availability 4. D) Integrity

C

50) All of the following statements about PKI are true except: 1. A) the term PKI refers to the certification authorities and digital certificate procedures that are accepted by all parties. 2. B) PKI is not effective against insiders who have a legitimate access to corporate systems including customer information. 3. C) PKI guarantees that the verifying computer of the merchant is secure. 4. D) the acronym PKI stands for public key infrastructure.

C

55) Proxy servers are also known as: 1. A) firewalls. 2. B) application gateways. 3. C) dual home systems. 4. D) packet filters.

C

58) Which of the following is not an example of an access control? 1. A) firewalls 2. B) proxy servers 3. C) digital signatures 4. D) login passwords

C

59) Which of the following statements is not true? 1. A) A VPN provides both confidentiality and integrity. 2. B) A VPN uses both authentication and encryption. 3. C) A VPN uses a dedicated secure line. 4. D) The primary use of VPNs is to establish secure communications among business partners.

C

81) Digital cash is legal tender that is instantly convertible into other forms of value without the intermediation of any third parties.

false

82) There is a finite number of Bitcoins that can be created.

true

7) ________ refers to the ability to ensure that messages and data are only available to those authorized to view them. 1. A) Confidentiality 2. B) Integrity 3. C) Privacy 4. D) Availability

A

72) All of the following statements about Apple Pay are true except which of the following? 1. A) Apple Pay is subject to recent regulations issued by the Bureau of Consumer Financial Protection applicable to GPR transactions. 2. B) Apple Pay is based on Touch ID biometric fingerprint scanning. 3. C) Apple Pay can be used for mobile payments at the point of sale at a physical store. 4. D) Apple Pay relies on NFC chip technology.

A

73) PayPal is an example of a(n): 1. A) online stored value payment system. 2. B) digital checking system. 3. C) accumulating balance system. 4. D) digital credit card system.

A

52) Which of the following dimensions of e-commerce security does not involve encryption? 1. A) confidentiality 2. B) availability 3. C) message integrity 4. D) nonrepudiation

B

6) Which of the following is an example of an online privacy violation? 1. A) your e-mail being read by a hacker 2. B) your online purchasing history being sold to other merchants without your consent 3. C) your computer being used as part of a botnet 4. D) your e-mail being altered by a hacker

B

62) Which of the following is the most common protocol for securing a digital channel of communication? 1. A) DES 2. B) SSL/TLS 3. C) VPN 4. D) HTTP

B

69) To allow lower-level employees access to the corporate network while preventing them from accessing private human resources documents, you would use: 1. A) access controls. 2. B) an authorization management system. 3. C) security tokens. 4. D) an authorization policy.

B

71) All of the following are examples of social/mobile peer-to-peer payment systems except: 1. A) Venmo. 2. B) Bill Me Later. 3. C) Square Cash. 4. D) Google Wallet.

B

15) All of the following are prominent hacktivist groups except: 1. A) Anonymous. 2. B) LulzSec. 3. C) Impact Team. 4. D) Avid Life

D

22) ________ is not an example of malicious code. 1. A) Scareware 2. B) A Trojan horse 3. C) A bot 4. D) A sniffer

D

4) Which of the following is an example of an integrity violation of e-commerce security? 1. A) A website is not actually operated by the entity the customer believes it to be. 2. B) A merchant uses customer information in a manner not intended by the customer. 3. C) A customer denies that he or she is the person who placed the order. 4. D) An unauthorized person intercepts an online communication and changes its contents

D

53) All of the following are methods of securing channels of communication except: 1. A) SSL/TLS. 2. B) certificates. 3. C) VPN. 4. D) FTP.

D

56) All of the following are used for authentication except: 1. A) digital signatures. 2. B) certificates of authority. 3. C) biometric devices. 4. D) packet filters.

D

34) Phishing attacks rely on browser parasites.

FALSE

31) ________ typically attack governments, organizations, and sometimes individuals for political purposes. 1. A) Crackers 2. B) White hats 3. C) Grey hats 4. D) Hacktivists

D

57) An intrusion detection system can perform all of the following functions except: 1. A) examining network traffic. 2. B) setting off an alarm when suspicious activity is detected. 3. C) checking network traffic to see if it matches certain patterns or preconfigured rules. 4. D) blocking suspicious activity.

D

8) Typically, the more security measures added to an e-commerce site, the slower and more difficult it becomes to use.

TRUE

54) A ________ is a hardware or software component that acts as a filter to prevent unwanted packets from entering a network. 1. A) firewall 2. B) virtual private network 3. C) proxy server 4. D) PPTP

A

61) A fingerprint scan is an example of which of the following? 1. A) biometrics 2. B) encryption 3. C) IDS 4. D) firewall

A

75) Which of the following is not a major trend in e-commerce payments in 2016-2017? 1. A) Mobile retail payment volume decreases. 2. B) PayPal remains the most popular alternative payment method. 3. C) Google refocuses Google Wallet solely on sending and receiving money. 4. D) Payment by credit and/or debit card remains the dominant form of online payment.

A

16) Conficker is an example of a: 1. A) virus. 2. B) worm. 3. C) Trojan horse. 4. D) botnet.

B

24) Angler is an example of: 1. A) a worm. 2. B) an exploit kit. 3. C) phishing. 4. D) hacktivism

B

29) Shellshock is an example of which of the following? 1. A) mobile malware 2. B) software vulnerability 3. C) botnet 4. D) Trojan horse

B

45) Symmetric key cryptography is also known as: 1. A) public key cryptography. 2. B) secret key cryptography. 3. C) PGP. 4. D) PKI.

B

47) The Data Encryption Standard uses a(n) ________-bit key. 1. A) 8 2. B) 56 3. C) 256 4. D) 512

B

74) PCI-DSS is a standard established by which of the following? 1. A) the banking industry 2. B) the credit card industry 3. C) the federal government 4. D) the retail industry

B

76) All of the following are limitations of the existing online credit card payment system except: 1. A) poor security. 2. B) cost to consumers. 3. C) cost to merchant. 4. D) social equity.

B

77) Linden Dollars, created for use in Second Life, are an example of: 1. A) digital cash. 2. B) virtual currency. 3. C) EBPP. 4. D) peer-to-peer payment systems.

B

78) Which of the following is a set of short-range wireless technologies used to share information among devices within about two inches of each other? 1. A) DES 2. B) NFC 3. C) IM 4. D) text messaging

B

10) All of the following experienced high-profile data breaches in 2015 except: 1. A) CVS. 2. B) Walgreens. 3. C) Amazon. 4. D) Experian.

C

13) Which of the following has the Internet Advertising Bureau urged advertisers to abandon? 1. A) HTML 2. B) HTML5 3. C) Adobe Flash 4. D) Adobe Acrobat

C

17) Which of the following is the leading cause of data breaches? 1. A) theft of a computer 2. B) accidental disclosures 3. C) hackers 4. D) DDoS attacks

C

21) Which dimension(s) of security is spoofing a threat to? 1. A) integrity 2. B) availability 3. C) integrity and authenticity 4. D) availability and integrity

C

23) The attack on Dyn, Twitter, Amazon, and other major organizations in October 2016, is an example of which of the following? 1. A) SQL injection attack 2. B) browser parasite 3. C) DDoS attack 4. D) MitM attack

C

26) Which of the following is not an example of a PUP? 1. A) adware 2. B) browser parasite 3. C) drive-by download 4. D) spyware

C

28) Automatically redirecting a web link to a different address is an example of: 1. A) sniffing. 2. B) social engineering. 3. C) pharming. 4. D) DDoS attack.

C

44) Next generation firewalls provide all of the following except: 1. A) an application-centric approach to firewall control. 2. B) the ability to identify applications regardless of the port, protocol, or security evasion tools used. 3. C) the ability to automatically update applications with security patches. 4. D) the ability to identify users regardless of the device or IP address.

C

46) All the following statements about symmetric key cryptography are true except: 1. A) in symmetric key cryptography, both the sender and the receiver use the same key to encrypt and decrypt a message. 2. B) the Data Encryption Standard is a symmetric key encryption system. 3. C) symmetric key cryptography is computationally slower. 4. D) symmetric key cryptography is a key element in digital envelopes.

C

49) ________ is the current standard used to protect Wi-Fi networks. 1. A) WEP 2. B) TLS 3. C) WPA2 4. D) WPA3

C

11) Bitcoins are an example of: 1. A) digital cash. 2. B) virtual currency. 3. C) a stored value payment system. 4. D) an EBPP system.

A

12) The overall rate of online credit card fraud is ________ of all online card transactions. 1. A) less than 1% 2. B) around 5% 3. C) around 10% 4. D) around 15%

A

18) Software that is used to obtain private user information such as a user's keystrokes or copies of e-mail is referred to as: 1. A) spyware. 2. B) a backdoor. 3. C) browser parasite. 4. D) adware.

A

84) In 2015, online bill payment accounted for ________ of all bill payments, while paper checks accounted for ________. 1. A) less than 10%; less than 25% 2. B) about 25%; about 10% 3. C) more than 50%; less than 20% 4. D) 100%; 0%

C

70) Which of the following statements is not true? 1. A) Most states require companies that maintain personal data on their residents to publicly disclose when a security breach affecting those residents has occurred. 2. B) The USA Patriot Act broadly expanded law enforcement's investigative and surveillance powers. 3. C) The Cybersecurity Information Sharing Act was strongly supported by most large technology companies and privacy advocates. 4. D) The Federal Trade Commission has asserted that it has authority over corporations' data security practices

C

30) According to Ponemon Institute's 2015 survey, which of the following was not among the causes of the costliest cybercrimes? 1. A) malicious insiders 2. B) malicious code 3. C) denial of service 4. D) botnets

D

39) Factoring Attack on RSA-Export Keys (FREAK) is an example of a software vulnerability.

true

63) SSL/TLS cannot provide irrefutability.

true

64) The easiest and least expensive way to prevent threats to system integrity is to install antivirus software.

true

79) PayPal is the most popular alternative payment method in the United States.

true

80) Apple Pay uses near field communication (NFC) chips.

true

36) Spoofing a website is a threat to the integrity of the website.

TRUE

